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ABSTRACT 



A chip card in a terminal such as a mobile radiotelephone is 
identified by a first identifier with a server including for 
example the nominal locating recorder in a cellular radio- 
telephone network, without the first identifier being trans- 
mitted in a clear form or substituted by a provisional 
identifier. An anonymous identifier is determined in the card 
on the basis of a generated random number, the first iden- 
tifier and the result of a public key asymmetric algorithm to 
which at least the random number is applied. The anony- 
mous identifier is transmitted to the server which recovers 
the first identifier at least by executing the asymmetric 
algorithm to which a private key and at least partly the 
anonymous identifier are applied. 
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IDENTIFICATION OF A TERMINAL WITH A 
SERVER 

[0001] The present invention relates to the identification of 
a user terminal, and more particularly of a portable elec- 
tronic object belonging, to a user such as a chip card, or 
indeed of a user of the terminal to a server. The identification 
is used to access, by means of such a telecommunication 
network, a service provided by the server resource, such as 
the setting-up of a call with another user terminal. 

[0002] It is known that a user with a radiotelephone 
terminal must identify himself to a server in any telecom- 
munication network in order to gain access to a service. To 
this end, an identifier identifying the terminal or the user is 
transmitted at least once in clear from the terminal to the 
server. Then, in the messages exchanged between the ter- 
minal and the server, the identifier is also present. This 
allows the administrator of the server to handle the proposed 
service as a function of the data associated with the sub- 
scription of the user, and to handle the billing of the service. 

[0003] In such a terminal-client/server system, an attacker 
can detect the identifier of the terminal or of the user in the 
messages transmitted by the terminal in order to locate the 
latter and, for example, to intercept and to time and date the 
messages transmitted from the terminal to the server. 

[0004] In a cellular radiotelephone system of the GSM 
type, each mobile terminal is identified by a unique inter- 
national identifier (IMSI — International Mobile Subscriber 
Identity). For reasons of security, the (IMSI) identifier is 
transmitted through the radio interface between the mobile 
terminal of the user and the fixed network of the radiotele- 
phone network only very rarely, such as after switching on 
the terminal or after a loss of radio coverage of the terminal. 
In order to protect the confidentiality of the identifier of the 
IMSI user, a temporary IMSI identifier (Temporary Mobile 
Subscriber Identity) replaces the IMSI identifier every time 
the mobile tenriinal must identify itself to the fixed network 
of the radiotelephone system. The TMSI temporary identi- 
fier is transmitted by the visitor location register (VLR) to 
which the mobile terminal is attached momentarily at each 
switch-on of the mobile terminal, or if appropriate, during a 
change of VLR register for a transfer of the terminal 
between location zones. 

[0005] During certain exchanges between the mobile ter- 
minal and the VLR register however, after a first switch-on 
of the terminal, the unique IMSI identifier can be inter- 
cepted. The later transmission of the TMSI temporary iden- 
tifier does not remedy the substitution of the IMSI identifier 
for the user by a fraudulent attacker. 

[0006] Furthermore, the change of temporary identifier is 
determined by the fixed network of the radiotelephone 
network, and in a general manner by the server resource in 
the fixed network containing the VLR register, which pre- 
vents any control of the handling of his personal identifier by 
the user at the mobile terminal level. 

[0007] The object of the invention is to overcome these 
drawbacks in order not to transmit the personal identifier of 
the terrninal or of the user in clear to the server during a 
session between the terminal and the server, including 
during the establishment of the latter, and more generally 
every time the identifier has to be transmitted using the 
previous technique, while also allowing an identification of 



the terminal or of the user to the server, as well as manage- 
ment of an identifier actually transmitted at the terminal 
level. 

[0008] To this end, a process to identify user terminal 
resource or a user of the terminal resource by a server 
resource through such a communication network, using a 
first identifier, where an asymmetrical algorithm with public 
key is implemented in the terminal resource, is characterised 
by: 

[0009] the generation of a random number in the user 
terminal resource, 

[0010] the deterrnination in the terminal resource of a 
second identifier as a function of the random number, at least 
from part of the first identifier and from the result of 
executing the asymmetrical algorithm to which at least the 
random number is applied, 

[0011] transmission of the second identifier to the server 
resource and, 

[0012] in the server resource, retrieval of the first identifier 
at least by executing the asymmetrical algorithm to which a 
private key and, at least partially the second identifier, are 
applied so that the server resource verifies that the first 
identifier retrieved is written into a memory of the server 
resource. 

[0013] When at least one authentication of the terminal 
resource by the server resource, or a mutual authentication 
of these, is included, then the above-mentioned steps of the 
process of the invention precede the authentication process. 

[0014] As a result of the determination of a second iden- 
tifier and the transmission of the latter to the server resource, 
the first personal identifier of the user of the terminal is never 
transmitted by the terminal resource to the server resource. 
This means that the first identifier can be all or part of the 
IMSI user identifier in order for a mobile terminal in a 
cellular radiotelephone system of the GSM type to remain 
protected in the terminal resource. The second identifier can 
be transmitted by the terminal resource to the server 
resource at the beginning of a call, that is during the 
setting-up of a call or during the setting-up of a session, so 
that the server decrypts the second identifier in the first 
identifier of the user and so identifies the user. 

[0015] Any change in the second identifier is produced by 
the generation of another random number in the terminal 
resource. The terminal resource thus handles changes in the 
second identifier locally, independently of the server 
resource, as a function of particular events, or periodically, 
or indeed manually at the request of the user. 

[0016] In order to further increase the security of the first 
identifier of the user, the public key necessary for execution 
of the asymmetrical algorithm in the terminal resource, in 
order to produce the second identifier to be transmitted, can 
be modified as desired by the server resource, preferably 
after a prior authentication of the server resource by the 
terminal resource. In this event, the process of identification 
according to the invention can include a change of public 
key and of private key for the asymmetrical algorithm in the 
server resource, and downloading of the changed public key 
from the server resource to the terrninal resource. 

[0017] The invention also relates to a user terminal 
resource, mainly a chip card, identifying itself or identifying 
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a user of the latter to a server resource, for implementation 
of the identification process according to the invention- The 
terminal resource is characterised in that it includes: 

[0018] a resource for the generation of a random number, 
and 

[0019] a resource to determine a second identifier as a 
function of the generated random number, at least from part 
of the first identifier and from the result of executing the 
asymmetrical algorithm to which at least the random number 
is applied, in order to transmit the second identifier to the 
server resource, which retrieves the first identifier at least by 
executing the asymmetrical algorithm to which a private key 
and, at least partially, the second identifier are applied, and 
which verifies that the first identifier retrieved is written into 
a memory of the server resource. 

[0020] For example, the resource to generate a random 
number and the resource to determine a second identifier are 
included in a portable electronic object of the chip card type. 

[0021] Other characteristics and advantages of the present 
invention will appear more clearly on reading the following 
description of several 'preferred embodiments of the inven- 
tion, with reference to the corresponding appended drawings 
in which: 

[0022] FIG. 1 is a schematic block diagram of a digital 
cellular radiotelephone according to a first example of 
implementation of the process of the invention, in which the 
terminal resource essentially comprises an identity module 
of the SIM card type; 

[0023] FIG. 2 shows some steps of the identification 
process according to a first embodiment of the invention 
which makes use of an asymmetrical algorithm and a 
symmetrical algorithm; 

[0024] FIG. 3 shows some steps of the identification 
process according to a second embodiment of the invention 
which employs only an asymmetrical algorithm; and 

[0025] FIG. 4 is a schematic block diagram of such a 
telecommunication network between a tenninal of the per- 
sonal computer type and a server according to a second 
example of implementation of the process according to the 
invention. 

[0026] According to a first example of the client/server 
architecture of the invention shown in FIG. 1, the user 
terminal resource is composed of a user mobile radiotele- 
phone terminal (TU), and more particularly of a removable 
module called a SIM card (Subscriber Identity Module) of 
the chip card type (CD), also called a micro-controller card, 
included in the terminal (TU). 

[0027] At any given instant, the user radiotelephone ter- 
minal (TU) is situated in a location zone of a digital cellular 
radiotelephone system (RR), of the GSM or UMTS type for 
example. The location zone is shown diagrammatical ly in 
FIG. 1 by the fixed part of the network (RR) which includes 
a switch of the mobile switching centre (MSC) which is 
connected firstly through a base station controller (BSC) to 
a base transceiver station (BTS) and then over a radio path 
to the radiotelephone terminal (TU), and secondly to an 
independently-routing telephone switch of the switched tele- 
phone network (RTC/STN). 



[0028] According to a first example of client/server archi- 
tecture of the invention, the server resource (MS) globally 
groups together elements of the fixed part of the radiotele- 
phone network (RR) used for handling the movement of the 
mobile terminals, the security of communications with the 
mobile terminals, and incoming and outgoing calls with the 
mobile terminals in the network (RR). These elements in the 
server resource (MS) are mainly a visitor location register 
(VLR) connected at least to the switching centre (MSC) and 
containing characteristics, such as the identities and sub- 
scription profiles of the mobile terminals, and more pre- 
cisely of the users possessing the chip cards (CP) in these, 
situated in the location zone, and a home location register 
(HLR) connected to several switches of the mobile service 
(MSC) through the signalling network of the radiotelephone 
system (RR). 

[0029] As will be seen in what follows, the VLR register 
no longer assigns a temporary identity (TMSI) to identify 
each mobile terminal (TU) in the location zone, but is 
transparent to a respective anonymous identifier, such as a 
pseudonym (IA1, IA2) transmitted by each user terminal 
(TU) to identify itself to the server resource (MS) according 
to the invention. The communications for the visitor mobile 
radiotelephone terminals, such as the terminal (TU) shown 
in FIG. 1 and momentarily situated in the location zone 
served by the switch (MSC), are handled by the latter. 

[0030] The home location register (HLR) is essentially a 
database, like the VLR register, which contains, for each 
mobile terminal (TU) and more precisely for each SIM card 
(CP), a unique user identifier (ID) attributed during the 
subscription of the user to the radiotelephone service, by 
writing the identifier (ID) into non-volatile EEPROM 
memory on the chip card (CP). The identifier (ID) also 
identifies the chip card (CP) and can be identical, at least in 
part, to the international identity (IMSI), in particular for a 
radiotelephone network of the GSM type. The home location 
register (HLR) records other characteristics associated with 
the users, such as their directory telephone numbers, their 
subscription profiles, etc. 

[0031] As is already known, the home location register 
(HLR) works with an authentication centre (AUC), very 
frequently on the same platform as the home location 
register (HLR). The authentication centre performs authen- 
tication of the users, and contributes to the confidentiality of 
the data transiting over the radio interfaces between the 
mobile terminals (TU) and the base stations (BTS), running 
the authentication and key determination algorithms. The 
authentication centre thus generates confidential authentica- 
tion keys and encryption keys attributed respectively to the 
users. In particular, according to the invention, the authen- 
tication centre (AUC) operates an asymmetrical algorithm 
(AA) whose private key (KPR) is stored in the authentica- 
tion centre (AUC) and the home location register (HLR), 
and a symmetrical algorithm (AS), whose key is derived 
from a random number (R) according to a first embodiment 
of the invention, or operates only an asymmetrical algorithm 
(AA) with private key (KPR). For example, the asymmetri- 
cal algorithm with public key (AA) can be the El Gamal 
algorithm, or the Cramer-Shoup, or the RSAOAEP (Rivest, 
Shamir and Adleman-Optimal Asymmetric Encryption Pad- 
ding). In a variant, the private key (KPR) is not common to 
all the users of the network (RR), but several private keys 
(KPR) are respectively attributed to user groups in corre- 
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spondence with groups of user identifiers (ID), where these 
correspondences are recorded in the home location register 
(HLR). 

[0032] As is already known, the SIM microcontroller card 
(CP) mainly includes a microprocessor (PR) and three 
memories (Ml, M2 and M3). 

[0033] According to the invention, a random number 
generator (GA) is implemented in hardware, in or in con- 
nection with the processor (PR) on the chip card. The 
generator (GA) generates a random number (R) which 
participates in the anonymous identification of the chip card 
(CP) in response to a request from memory Ml. In a variant, 
the random number generator is included in software form 
in ROM memory Ml. 

[0034] Memory Ml is of the ROM type and includes the 
operating system of the card and very frequently a virtual 
machine on which the operating system depends. Authenti- 
cation, communication and application algorithms, and par- 
ticularly the AA and AS algorithms, or the AS algorithm to 
according to the invention, are implemented in memory Ml. 
Memory M2 is a non-volatile memory of the EEPROM type, 
containing characteristics that are associated with the user, 
such as the identifier (ID) of the user with the chip card (CP), 
the subscription profile, a directory of telephone numbers, a 
confidential code, etc. Memory M2 also contains a public 
key (KPU) for the asymmetrical algorithm (AA) imple- 
mented in memory Ml, associated with the private key 
(KPR) by the home location register (HLR) in the server 
resource (MS), and in a variant, also respectively in corre- 
spondence with the identifiers (ID) of the users of a group. 
Memory M3 is RAM memory used for processing of the 
data to be exchanged between the processor (PR) and the 
microcontroller included in the mobile terminal (TU). 

[0035] The two embodiments of the identification process 
of a user terminal resource (TU, CP) by a server resource 
(MS) according to the invention, are described below with 
reference to the first example shown in FIG. 1. 

[0036] The identification process according to the inven- 
tion occurs at the beginning (E0) of a session to be set up 
between the terminal resource composed of at least the chip 
card SIM (CP) and the server resource (MS), through the 
radiotelephone network (RR), after the switching on of the 
terminal (TU) for example, or during any setting-up of an 
outgoing call in the terminal (TU). More generally, the 
process of the invention can occur every time the chip card 
has to transmit its identifier to the fixed network using the 
previous technique. Thus the process of the invention can 
precede one authentication at least of the chip card (CP) by 
the home location register (HLR) and the authentication 
centre (AUC). 

[0037] According to the first embodiment of the authen- 
tication process shown in FIG. 2, steps El to E6 following 
on from the initial step (E0) to determine an anonymous 
identifier (IA1), are essentially executed in the chip card 
(CP), and steps E6 to El 5, to retrieve the user identifier (ID), 
are executed in the server resource (MS) of the radiotele- 
phone network (RR). 

[0038] At step El, the random number generator (GA) in 
the chip card (CP) supplies a random number (R) which is 
stored in memory M3 to be applied to the asymmetrical 



algorithm (AA) and as a key to the symmetrical algorithm 
(AS), implemented in memory Ml. 

[0039] The public key (KPU) and the user identifier (ID) 
are read from memory at virtually simultaneous steps E2 and 
E3, to be applied respectively to algorithms AA and AS. 
Application of the generated random number (R) as data to 
the asymmetrical algorithm (AA) with the public key (KPU) 
produces an encrypted random number (RC) at step E4. In 
parallel with the previous step (E4), application of the 
generated random number (R), as a unique confidential key, 
and of the identifier (ID) of the user as data, to the sym- 
metrical algorithm (AS), produces an encrypted identifier 
(IC) at step E5. In practice, part of the identifier (ID) is 
applied to the AS algorithm. This part includes only the 
confidential MSIN number (Mobile Subscriber Identifica- 
tion Number) of the user included in the IMSI identifier of 
the user and identifying the user in the network (RR). 

[004 0] Then, after execution of the AA and AS algorithms , 
the processor (PR) concatenates the encrypted random num- 
ber (RC) and the encrypted identifier (IC) into an anony- 
mous identifier (LAI) which is written into memory M2. The 
LAI identifier acts as a pseudonym of the user, that is of the 
SIM card (CP) as a client of the server resource (MS). This 
concatenation is followed by transmission of the IA1 pseud- 
onym in a message through the terminal (TU) and the 
radiotelephone network (RR) to the server resource (MS) at 
step E6. The pseudonym (IA1) can be transmitted with the 
prefixes MCC (Mobile Country Code) and MNC (Mobile 
Network Code) of the IMSI identifier of the user, so that the 
home location register (HLR) recognises the country code of 
the user and the code of the network (RR). 

[0041] In the server resource (MS), the VLR register 
re-transmits the anonymous identifier (IA1) to the home 
location register (HLR) which, in cooperation with the 
authentication centre (AUC), executes the following steps, 
E7 to E13. 

[0042] After a writing of the random number (RC) and the 
identifier (IC) making up the received anonymous identifier 
(IA1) into the home location register (HLR) at step E7, the 
authentication centre (AUC) reads the private key (KPR) at 
step ES in order to applied it, together with the received 
encrypted random number (RC) to the asymmetrical algo- 
rithm (AA) at step E9. The authentication centre (AUC) thus 
retrieves the generated random number (R) constituting the 
result of executing algorithm AA, and applies it as a key to 
the symmetrical algorithm (AS), which receives, in the form 
of data, the received encrypted identifier (IC) read from the 
home location register (HLR) at step E10. 

[0043] The user identifier (ID) initially applied at step E5 
in the chip card (CP) is then retrieved as output from the 
symmetrical algorithm (AS) by the home location register 
(HLR) so that the latter can verify that it has been written 
into its database at step Ell. If the retrieved identifier (ID) 
is not recognised, then the requested session, a call in this 
instance, is refused at step El 2. Otherwise, the home loca- 
tion register (HLR) continues the session at step El 3, 
indicating this to the VLR register, which orders the authen- 
tication of the chip card (CP) by the HLR-AUC pair, or a 
mutual authentication of these. 

[0044] After step E13, the chip card (CP) automatically 
transmits the pseudonym (IA1) read from memory M2 to the 



US 2006/0141987 Al Jun. 29, 2006 

4 



server resource (MS) every time the chip card must identify 
itself to the latter. At any time however, as indicated at step 
El 4, the chip card (CP) can decide to change the pseudonym 
(IA1) by again calling the random number generator (GA) 
so that it generates another random number (R) at step El. 
The generation of another random number (R) by the 
generator (GA) at step El, and therefore the execution of a 
new cycle of steps El to E14, can be periodic in the terminal 
resource, in order to have the chip card (CP) identified 
periodically by the server resource (MS) by detennining 
another anonymous identifier (IA1). According to another 
variant, the generation of another random number (R) by the 
generator (GA) at step El, and therefore the execution of a 
cycle of steps El to El 4, can occur under the control of the 
user or not, following, for example, at least one of the 
following events in the terminal resource composed of the 
terminal (TU) and the chip card (CP): switching on of the 
terminal (TU), preceding at least one authentication of the 
card to the chip card (CP) by the HLR-AUC pair, and the 
identification of a user of the terminal (TU) by the entry of 
a confidential PIN number on the keypad of the terminal, the 
setting-up of a call, the setting-up of a session between the 
terminal resource and the server resource, substitution of the 
server resource (MS) by another server resource, for 
example during a transfer from the VLR register to another 
VLR register of the network (RR) with which is the terminal 
(TU) is now associated, activation of a service application 
such as the sending of a short message or of a connection to 
a WAP portal (Wireless Application Protocol) for mobile 
terminals to communicate with a web site server. 

[0045] In order to improve the security of the identifica- 
tion process, the home location register (HLR), or more 
generally the server resource (MS), can decide at any time 
to change the current private key (KPR) into another private 
key and, as a consequence, the current public key (KPU) into 
another public key, as indicated at step E15. In this event, 
preferably after an authentication of the VLR register by the 
card (CP), the home location register (HLR) orders the 
downloading of the other public key (KPU) through the 
VLR register, the radiotelephone network (PR) and the 
tenninal (TU), into memory M2 of the chip card (CP), so 
that the said other public key (KPU) is used for the next 
executions of the asymmetrical algorithm (AA) at step E4. 
The other public key (KPU) is transmitted in a secure 
message by the VLR register through the execution of an 
algorithm, a symmetrical algorithm for example, whose 
confidential key has been recorded initially in memory M2 
of the chip card (CP) in order to authenticate the said other 
public key (KPU) in the processor (PR). 

[0046] According to a second embodiment, shown in FIG. 
3, at the beginning (E0) of a session to be established 
between the chip card (CP) in the terminal (TU) and the 
server resource (MS), as described previously, the process 
includes firstly steps E21 to E26, essentially executed in the 
SIM card (CP), and then steps E27 to E33 in the server 
resource (MS). For this second embodiment, ROM memory 
Ml and the authentication centre (AUC) include only an 
asymmetrical algorithm with public key (AA). 

[0047] Following step E0, the random number generator 
(GA) generates a random number (R) which is written into 
memory M3 at step E21. The identifier (ID) of the chip card 
(CP) is read from memory M2 at step E22, so that the 
processor (PR) concatenates the generated random number 



(R) and at least part of the read identifier (ID) at step E23. 
The public key (KPU) is read from memory M2 at step E24, 
to be applied, with the combination produced [R, ID], as 
data to the asymmetrical algorithm (AA) at step E25. The 
asymmetrical algorithm (AA) is then executed at step E25, 
and produces an anonymous identifier (IA2) which is written 
into memory M2, and which constitutes a pseudonym, that 
is of the SIM card (CP) held by the user, at step E26. The 
anonymous identifier (IA2) representing the encrypted iden- 
tifier (ID) is transmitted in a message by the chip card (CP) 
through the terminal (TU) and the radiotelephone network 
(RR) to the server resource (MS). 

[0048] The visitor location register (VLR) re-transmits the 
anonymous identifier (IA2) to the home location register 
(HLR) which writes it into memory at step E27. At step E28, 
the private key (KPR) is read from the home location 
register (HLR) which executes the following steps, E29 to 
E33, in cooperation with the authentication centre (AUC). 
The read key (KPR) and the identifier IA2, are applied as 
data to the asymmetrical algorithm (AA) in the authentica- 
tion centre (AUC) at step E29. Execution of the algorithm 
(AA) enables the random number (R), and particularly the 
user identifier (ID), to be retrieved at step E30. 

[0049] Step E30 is followed by steps E31 to E35, which 
are similar to steps Ell to El 5 respectively, and which relate 
to verification of the association of the retrieved identifier 
(ID) with the database in the home location register (HLR), 
the automatic transmission of the anonymous identifier 
(IA2) by the chip card (CP) every time the latter has to 
identify itself to the server resource (MS), the preferably 
automatic changing of the anonymous identifier (IA2) either 
periodically or following at least one of the events listed 
previously, and the downloading of another public key 
(KPU) into the chip card (CP) after a change of private key 
(KPR) in the server resource (MS). 

[0050] According to a variant of the embodiments 
described above, the visitor location register (VLR) in the 
network (RR) contains the AA and AS algorithms, which are 
executed at steps E9 and E10, or the AS algorithm which is 
executed at step E29, instead of being implemented and 
executed in the authentication centre. 

[0051] In accordance with a second example of the client/ 
server architecture according to the invention, shown in 
FIG. 4, the terminal resource is a personal computer (PC) or 
a personal digital assistant (PDA) or any other electronic 
object, portable in particular, which is connected to such a 
telecommunication network (RT). The network (RT) can 
include the internet network and an access network such as 
the switched telephone network, or indeed can consist of a 
local network, such as a WLAN wireless local network 
(Wireless Local Area Network). In particular, in relation to 
the invention, the terrninal (PC) includes a memory (ME), 
preferably of the secure type, in which the AA and AS 
algorithms or the AA algorithm are implemented, and in 
which the user identifier (ID) and the public key (KPU) are 
stored. The terminal (PC) contains a browser playing the 
role of client in relation to a server (SE), such as the server 
resource according to the invention, connected to the tele- 
communication network (RT). In the server (SE), the AA 
and AS algorithms according to the first implementation or 
the AA algorithm according to the second implementation 
are also implemented, and the private key (KPR) and the 
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public key (KPU) are stored, preferably in correspondence 
with an identifier (ID) of a user of the terminal (PC), such 
as a log-in user, as in the server resource (MS) according to 
the first example. In this example, the server (SE) can, for 
instance, be a web site or portal which at least handles the 
access to a database to which the user of the terminal (PC) 
is subscribed. 

[0052] Steps similar to those described at El to E15, or 
E21 to E35, are executed partly in the terminal (PC) and 
partly in the server (SE) in order to identify a user of the 
terminal (TU) by comparison of the identifier (ID) retrieved 
by the server (SE) and the user identifier stored in the server. 
These steps can precede others security steps relating in 
particular to an authentication of the user by verification of 
a password of the user. 

[0053] In a variant, the terminal (PC) is equipped with a 
reader for an additional chip card (CA) which is similar to 
the chip card (CP) according to the first example shown in 
FIG. 1, that is the card whose memories Ml and M2 contain 
the AA and AS algorithms according to the first embodi- 
ment, or the AA algorithm according to the second embodi- 
ment, the identifier (ID) of the user-holder of the card (CA) 
and therefore of the card (CA) itself, and the public key 
(KPU). As in the example shown in FIG. 1, the terminal 
(PC) in this variant is transparent to the communications 
between the server (SE) and the card (CA) regarding the 
identification of the card (CA) by the server (SE) according 
to the invention. The link between the card (CA) and the 
terminal (PC) is conventional, and can be a link by electrical 
contact, a contactless link, or a proximity radio link of the 
Bluetooth or 802.11 type. 

[0054] According to yet another variant of the second 
example shown in FIG. 4, the chip card (CA) has stored 
only the identifier (ID) and the public key (KPU) in its 
EEPROM memory (M2), and the AA and AS algorithms, or 
the AA algorithm, are implemented in the terminal (PC). 

[0055] In these variants of the second example, the termi- 
nal (PC) and the additional chip card (CA) can be a bank 
terminal and a credit card respectively, or a point-of-sale 
terminal and an electronic purse. 

1. A process to identify a user terminal resource or a user 
of the terminal resource by a server resource in a telecom- 
munication network, using a first identifier, where an asym- 
metrical algorithm with public key is implemented in the 
terminal resource, comprising the following steps: 

generating a random number in the user terminal resource, 

determining in the terminal resource a second identifier as 
a function of the random number, at least from part of 
the first identifier and from the result of executing the 
asymmetrical algorithm to which at least the random 
number is applied, 

transmitting the second identifier to the server resource, 
and 

in the server resource, retrieving the first identifier at least 
by executing the asymmetrical algorithm to which a 
private key and, at least partially, the second identifier 
are applied, so that the server resource verifies that the 
first retrieved identifier is written into a memory of the 
server resource. 



2. A process according to claim 1, further including the 
step of authenticating the terminal resource by the server 
resource subsequent to the steps of claim 1 . 

3. A process according to claim 1, in which the determi- 
nation in the terminal resource includes application of the 
generated random number to the asymmetrical algorithm 
with the public key to produce an encrypted random number, 
application of the generated random number as a key, and 
the first identifier to a symmetrical algorithm implemented 
in the terminal resource, to produce an encrypted identifier, 
and concatenation of the encrypted random number and of 
the encrypted identifier in the second identifier to be trans- 
mitted to the server resource, and wherein the retrieval in the 
server resource includes application of the encrypted ran- 
dom number to the asymmetrical algorithm with the private 
key, in order to retrieve the generated random number, and 
application of the retrieved random number and the 
encrypted identifier to the symmetrical algorithm, in order to 
retrieve the first identifier. 

4. A process in accordance with claim 1, wherein the 
determination in the terminal resource includes application 
of the generated random number concatenated to the first 
identifier, to the asymmetrical algorithm with the public key 
to produce the second identifier to be transmitted to the 
server resource, and wherein the retrieval in the server 
resource includes application of the second identifier to the 
asymmetrical algorithm with the private key in order to 
retrieve the first identifier. 

5. A process according to claim 1, further including the 
steps of changing the public key and the private key for the 
asymmetrical algorithm in the server resource, and down- 
loading the changed public key from the server resource to 
the terminal resource. 

6. A process according to claim 1 , wherein the generation 
of the random number is periodic in the terminal resource. 

7. A process according to claim 1 , wherein the generation 
of the random number occurs following at least one of the 
following events in the terminal resource: switching on the 
terminal resource, setting-up a call, setting-up a session 
between the terminal resource and the server resource, 
substitution of the server resource for another server 
resource, or activation of a service application. 

8. A user terminal resource identifying itself, or identify- 
ing a user of the latter, to a server resource, through a 
telecommunication network, using a first identifier, an asym- 
metrical algorithm with a public key implemented in the 
terminal resource, comprising: 

a resource to generate a random number, and 

a resource to determine a second identifier as a function 
of the random number, at least from part of the first 
identifier and from the result of executing the asym- 
metrical algorithm to which at least the random number 
is applied in order to transmit the second identifier to 
the server resource, which retrieves the first identifier at 
least by executing the asymmetrical algorithm to which 
a private key and, at least partially, the second identifier 
are applied, and which verifies that the first retrieved 
identifier is written into a memory of the server 
resource. 

9. A user terminal resource according to claim 8, wherein 
the resource to generate a random number (GA) and the 
resource to deteixnine a second identifier are included in a 
portable electronic object of the chip card type. 

* * * * * 



